This is how the US controls the digital sovereignty of international institutions and the EU

On February 6, 2025, US President Donald Trump imposed a series of sanctions on the International Criminal Court (ICC) for its investigations into US personnel and certain allies, including Israel. The sanctions were implemented not by law, but by executive order —a sort of "special power" that the US president can use in extremely serious cases without first having to pass through Congress.

Among the prohibitions imposed by President Trump is the one contained in Section 3 , which prohibits directly or indirectly contributing or providing funds, goods, or services to individuals subject to sanctions. Pursuant to this executive order, the Associated Press reported in a May 15 article , Microsoft disabled access to the email account of the chief prosecutor of the International Criminal Court; although a statement released on June 4 by the company's president to Politico clarifies that Microsoft has never stopped providing services to the Court as such.

EU countries' reactions and Microsoft's countermeasures

The US administration's decision has raised concerns in several countries, including those in the EU , which have become aware of the consequences of handing over the digital infrastructure of parliaments, governments, administrations, and independent authorities to foreign companies. To reassure its customers, on April 30, 2025, Microsoft announced on its blog that it had modified the contractual terms of the services it sells in the European Union and that it had adopted a "Plan B" to limit the effects of judicial or government orders suspending services. This Plan B includes a commitment to take legal action against these measures and the creation of source code backups in repositories located in Switzerland.

History repeats itself: the Venezuelan precedent

The use by a US administration of an executive order that directly impacts the functioning of other countries' technology infrastructure is nothing new. In 2019, President Trump himself, during his previous term, issued a similar measure against Venezuela, resulting in the deactivation of Venezuelan users' Adobe accounts . Conceptually, it matters little that the blocking of Adobe services was later lifted , because the point is that that incident represents the historical and (geo)political precedent that consolidates Big Tech's role as a tool for achieving the US government's strategic objectives.

The EU's inertia and the timid Franco-German reactions

Faced with a very clear scenario, European institutions chose not to address the structural consequences of technological dependence on a foreign country and, gradually, allowed this dependence to become so strong that it no longer allowed for a quick and easy decoupling. At the same time, for some time now, some countries, including France and Germany, have begun attempts to replace Big Tech's proprietary services with open-source alternatives. However, the facts show that even today, if a US administration decides to push the "red button," there is little Big Tech can do.

Why Big Tech Can't Defy Government Orders

It would be complex to delve into the intricacies of the legal issues surrounding the relationship between private companies and the government in the US legal system, but for the purposes of this article it is sufficient to highlight a few points.

The first is that a commitment, like Microsoft's, to challenge government enforcement actions in court does not mean that the government is necessarily wrong.

The second is that, in addition to executive orders , the North American legal system contains a law, the Clarifying Lawful Overseas Use of Data (CLOUD) Act, which requires US companies to make any type of data available to public authorities, even if it is located abroad and managed by affiliated companies and not by the parent company. Such orders can also be challenged in court, but even then, this doesn't mean that Big Tech is automatically and necessarily right.

In short, therefore, regardless of the possibility of control by US courts and not those of EU countries, the fact—and law—is that the executive branch can decide to block the functionality of services provided by Big Tech and has the right, or rather, the power, to seize data located in the Union.

Kipling's Serpent Paradox

This situation translates, for the European subsidiaries of US companies, into a stalemate where no matter what choice is made, the result will be a violation of the law. US law if the local Big Tech companies decide to comply with EU regulations, and EU law if they choose to comply with US regulations.

A further consequence—also the result of the EU's choice to politicize the issue of personal data protection—is that the agreements for the exchange of data between the two sides of the Atlantic are intrinsically flawed because they are based on the assumption, legally and factually false, that the US voluntarily agrees to self-limit its powers in matters of national security.

The illusion of data exchange agreements

It is therefore not surprising that the first agreement known as “Safe Harbour” was annulled in 2015 by the European Court, that the same fate befell the second—the “Privacy Shield”—in 2020, and that, especially in light of these recent developments, it is reasonable to assume a similar outcome for the current “Trans-Atlantic Data Privacy Framework”.

Regardless of the subtleties of diplomatic language, none of these agreements provide for the EU to have a say in US homeland security and international policy decisions. Therefore, it's unclear what the point is of including rules in the data protection regulation that can be directly applied in other countries when, as the DeepSeek case recently demonstrated, they can easily ignore them in the name of the principle of jurisdictional autonomy .

An impossible technological sovereignty?

It is clear that the issue of the executive order on the International Criminal Court is only one piece of the complex mosaic that represents the issue of technological sovereignty and that it makes little sense to address it as a single case.

In other words, we need to make a structural and strategic choice: whether or not we can continue to use technologies and software over which we have no control or which can be exploited to our detriment.

On paper, the answer is clear, but in reality—as the tariffs issue demonstrates —it doesn't seem like the EU can realistically impose retaliation on the Big Tech sector . On the one hand, in the absence of alternatives, the member states would be the ones to suffer the consequences, and on the other, the US would certainly not stand idly by as its technological presence in the European Union wanes, resulting in reduced corporate revenue and executive power.

The role of open source as a long-term solution

Facts and history have demonstrated how free software and open source represent an alternative and effective model for managing sovereignty over data, information, and programs.

Using this approach to intellectual property allows for full control over how infrastructure functions and fuels the creation of a market for services to public and private institutions that does not necessarily depend on foreign entities, and leaves resources invested within the EU.

Nonetheless, the decision to impose a decisive migration of public infrastructures towards this way of managing the intellectual property of operating systems, applications, and platforms is still struggling to enter the parliamentary agenda.

Even in this case, it would not be a simple and painless choice, but much could already be done, for example by commissioning European universities to develop an entire technology chain, from operating systems to platforms, to be used in all member states, while at the same time establishing a requirement for technology providers to public administrations to use open and compatible protocols and file formats, similar to what the US administration did with the TCP/IP protocol, laying the foundations for the birth of the Big Internet.

Such a choice would not immediately solve all the problems, but it would certainly represent the first step on the road to a democratic and conscious use of information technologies.